Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/8S7ri0FnBQBwESmG23eu1ztJhY0.roa
File: 8S7ri0FnBQBwESmG23eu1ztJhY0.roa (raw, json)
Hash identifier: GQX4ydE8NNjonTAYphTJZPm+LTuVDwtM0QT1f/20h/E=
Subject key identifier: F1:2E:EB:8B:41:67:05:00:70:11:29:86:DB:77:AE:D7:3B:49:85:8D
Certificate issuer: /CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Certificate serial: 01837F1C5D02D1800F747EFFFB58E21C1E5E
Authority key identifier: 1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/8S7ri0FnBQBwESmG23eu1ztJhY0.roa
Signing time: Tue 27 Sep 2022 13:21:48 +0000
ROA not before: Tue 27 Sep 2022 13:21:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39120
IP address blocks: 45.133.75.0/24 maxlen: 24
45.131.65.0/24 maxlen: 24
45.80.193.0/24 maxlen: 24
204.11.1.0/24 maxlen: 24
5.253.245.0/24 maxlen: 24
45.137.201.0/24 maxlen: 24
2.56.246.0/24 maxlen: 24
45.84.198.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:7f:1c:5d:02:d1:80:0f:74:7e:ff:fb:58:e2:1c:1e:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Validity
Not Before: Sep 27 13:21:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f12eeb8b4167050070112986db77aed73b49858d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:fb:37:30:4f:8b:8a:84:60:3e:23:3f:c0:a1:
d5:8b:50:6f:c8:31:44:dc:8b:cc:d4:4f:57:35:cc:
73:04:4a:12:f4:79:49:ed:1b:46:33:07:ab:df:1e:
b1:02:71:0a:f5:df:ad:f9:83:41:8a:77:6b:ac:64:
4e:89:2a:c0:75:79:aa:22:a1:c7:8b:dd:80:f8:5c:
d1:07:a6:ae:6f:de:68:8c:32:97:74:fe:7d:14:da:
5e:c5:67:f4:56:fe:b9:c3:50:79:f8:df:80:19:71:
f8:db:8f:29:33:78:62:83:ee:53:62:99:52:8e:c8:
41:25:fe:0c:a0:5c:bf:a7:99:83:f5:b4:2d:e3:ee:
9f:17:8d:c8:49:91:87:c5:83:06:2e:1f:eb:13:8d:
e2:67:b9:91:7e:ec:5a:0f:ad:6b:c4:c8:10:aa:cf:
69:7b:be:96:21:ec:5f:de:ea:f2:10:da:93:85:75:
f2:a7:3a:59:41:01:d7:12:60:9c:a4:22:19:dc:a0:
72:34:1a:ae:d8:b5:c3:4a:ee:a4:de:90:55:f4:ae:
1e:c3:6f:fb:97:9a:bc:c6:20:da:44:d4:53:dd:b5:
42:5b:37:0e:78:bd:98:0a:c3:3d:1e:ba:24:9d:09:
e0:54:04:85:84:88:1c:72:b0:29:db:32:7e:a5:22:
24:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:2E:EB:8B:41:67:05:00:70:11:29:86:DB:77:AE:D7:3B:49:85:8D
X509v3 Authority Key Identifier:
keyid:1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/8S7ri0FnBQBwESmG23eu1ztJhY0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.246.0/24
5.253.245.0/24
45.80.193.0/24
45.84.198.0/24
45.131.65.0/24
45.133.75.0/24
45.137.201.0/24
204.11.1.0/24
Signature Algorithm: sha256WithRSAEncryption
17:14:a0:aa:c7:83:09:4e:50:50:5d:b1:dc:c6:9d:a2:b5:f1:
ec:da:d1:a0:78:ae:c9:2b:d5:d5:b8:8d:be:c3:dc:93:ee:58:
89:d5:00:a8:99:26:2a:31:fa:87:e8:e1:51:3e:cd:67:eb:ed:
54:7f:24:0f:bd:22:cc:e3:f0:87:49:36:0e:3e:fa:17:f3:06:
0f:59:d8:66:99:f4:0b:a5:cf:ce:21:3e:e9:2a:d7:4b:fe:e9:
ca:3d:47:04:ce:c0:ec:b9:33:5f:b2:ad:fe:7c:73:9a:3b:df:
07:c8:bd:e5:43:88:69:ab:d0:ca:1f:a1:6e:23:e0:b0:85:89:
59:f5:c6:83:c7:ba:b5:68:77:fe:33:c9:70:b0:6f:01:e7:fa:
7d:5b:51:99:a9:a4:40:7c:f4:29:73:da:ed:f5:4c:bf:9c:b9:
07:85:db:2f:8c:88:3e:f7:31:a5:68:54:4e:b6:54:27:cf:9b:
ea:6e:7a:36:b7:e3:94:c8:8b:76:82:d6:68:60:66:4e:4f:33:
2e:25:2f:01:c3:ce:53:33:aa:03:f2:37:92:39:4d:70:de:c4:
c5:0f:3d:f8:17:8a:21:24:8e:5d:51:89:a9:5c:26:24:2d:76:
fc:a8:ba:ef:65:c3:29:b7:d0:08:c5:4a:d2:8d:d5:1b:5a:4d:
86:ca:67:4f
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYN/HF0C0YAPdH7/+1jiHB5eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMDQxNWJmYzQzYjM4ZTljZmQxYTEyOTk1MjAyZTg3NjM3
NTJmZGUwHhcNMjIwOTI3MTMyMTQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMTJlZWI4YjQxNjcwNTAwNzAxMTI5ODZkYjc3YWVkNzNiNDk4NThkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnfs3ME+LioRgPiM/wKHVi1BvyDFE
3IvM1E9XNcxzBEoS9HlJ7RtGMwer3x6xAnEK9d+t+YNBindrrGROiSrAdXmqIqHH
i92A+FzRB6aub95ojDKXdP59FNpexWf0Vv65w1B5+N+AGXH4248pM3hig+5TYplS
jshBJf4MoFy/p5mD9bQt4+6fF43ISZGHxYMGLh/rE43iZ7mRfuxaD61rxMgQqs9p
e76WIexf3uryENqThXXypzpZQQHXEmCcpCIZ3KByNBqu2LXDSu6k3pBV9K4ew2/7
l5q8xiDaRNRT3bVCWzcOeL2YCsM9HroknQngVASFhIgccrAp2zJ+pSIkDwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFPEu64tBZwUAcBEphtt3rtc7SYWNMB8GA1UdIwQY
MBaAFBsEFb/EOzjpz9GhKZUgLodjdS/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1Nzgt
YTNjYTBkYjgzMjU0LzEvOFM3cmkwRm5CUUJ3RVNtRzIzZXUxenRKaFkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1NzgtYTNjYTBkYjgzMjU0
LzEvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAAjj2AwQA
Bf31AwQALVDBAwQALVTGAwQALYNBAwQALYVLAwQALYnJAwQAzAsBMA0GCSqGSIb3
DQEBCwUAA4IBAQAXFKCqx4MJTlBQXbHcxp2itfHs2tGgeK7JK9XVuI2+w9yT7liJ
1QComSYqMfqH6OFRPs1n6+1UfyQPvSLM4/CHSTYOPvoX8wYPWdhmmfQLpc/OIT7p
KtdL/unKPUcEzsDsuTNfsq3+fHOaO98HyL3lQ4hpq9DKH6FuI+CwhYlZ9caDx7q1
aHf+M8lwsG8B5/p9W1GZqaRAfPQpc9rt9Uy/nLkHhdsvjIg+9zGlaFROtlQnz5vq
bno2t+OUyIt2gtZoYGZOTzMuJS8Bw85TM6oD8jeSOU1w3sTFDz34F4ohJI5dUYmp
XCYkLXb8qLrvZcMpt9AIxUrSjdUbWk2GymdP
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:30 2023 by rpki-client on console-fra.rpki-client.org